| ▲ | benterix a day ago |
| With time, I discovered something interesting: for us, techies, using container orchestration is about reliability, zero-downtime deployments, limiting blast radius etc. But for management, it's completely different. It's all about managing complexity on an organizational level. It's so much easier to think in terms "Team 1 is in charge of microservice A". And I know from experience that it works decently enough, at least in some orgs with competent management. |
|
| ▲ | kace91 a day ago | parent | next [-] |
| It’s not a management thing. I’m an engineer and I think it’s THE main advantage micro services actually provide: they split your code hard and allow a team to actually get ownership of the domain. No crossing domain boundaries, no in between shared code, etc. I know: it’s ridiculous to have an architectural barrier for an organizational reason, and the cost of a bad slice multiplies. I still think in some situations, that is better than the gas-station-bathroom effect of shared codebases. |
| |
| ▲ | strken a day ago | parent | next [-] | | I don't see why it's ridiculous to have an architectural barrier for org reasons. Requiring every component to be behind a network call seems like overkill in nearly all cases, but encapsulating complexity into a library where domain experts can maintain it is how most software gets built. You've got to lock those demons away where they can't affect the rest of the users. | | |
| ▲ | vbezhenar a day ago | parent | next [-] | | The problem is, that library usually does not provide good enough boundaries. C library can just shit over your process memory. Java library can cause all the hell over your objects with reflection, can just call System.exit(LOL). Minimal boundary to keep demons at bay is process boundary and you need some way for processes to talk to each other. If you're separating components into processes, it's very natural to put them to different machines, so you need your IPC to be network calls. One more step and you're implementing REST, because infra people love HTTP. | | |
| ▲ | sevensor a day ago | parent | next [-] | | > it's very natural to put them to different machines, so you need your IPC to be network calls But why is this natural? I’m not saying we shouldn’t have network RPC, but it’s not obvious to me that we should have only network RPC when there are cheap local IPC mechanisms. | | |
| ▲ | vbezhenar a day ago | parent [-] | | Because horizontal scaling is the best scaling method. Moving services to different machines is the easiest way to scale. Of course you can keep them in the same machine until you actually need to scale (maybe forever), but it makes sense to make some architectural decisions early, which would not prevent scaling in the future, if the need arises. Premature optimisation is the root of all evil. But premature pessimisation is not a good thing either. You should keep options open, unless you have a good reason not to do so. If your IPC involves moving gigabytes of transient data between components, maybe it's a good thing to use shared memory. But usually that's not required. | | |
| ▲ | strken 21 hours ago | parent [-] | | I'm not sure I see that horizontally scaling necessarily requires a network call between two hosts. If you have an API gateway service, a user auth service, a projects service, and a search service, then some of them will be lightweight enough that they can reasonably run on the same host together. If you deploy the user auth and projects services together then you can horizontally scale the number of hosts they're deployed on without introducing a network call between them. This is somewhat common in containerisation where e.g. Kubernetes lets you set up sidecars for logging and so on, but I suspect it could go a lot further. Many microservices aren't doing big fan-out calls and don't require much in the way of hardware. |
|
| |
| ▲ | pjmlp a day ago | parent | prev [-] | | And then we're back to 1980's UNIX process model before wide adoption of dynamic loading, but because we need to be cool we call them microservices. |
| |
| ▲ | kace91 a day ago | parent | prev [-] | | >Requiring every component to be behind a network call seems like overkill in nearly all cases That’s what I was referring to, sorry for the inaccurate adjective. Most people try to split a monolith in domains, move code as libraries, or stuff like that - but IMO you rarely avoid a shared space importing the subdomains, with blurry/leaky boundaries, and with ownership falling between the cracks. Micro services predispose better to avoid that shared space, as there is less expectation of an orchestrating common space. But as you say the cost is ridiculous. I think there’s an unfilled space for an architectural design that somehow enforces boundaries and avoids common spaces as strongly as microservices do, without the physical separation. | | |
| ▲ | sevensor a day ago | parent [-] | | How about old fashioned interprocess communication? You can have separate codebases, written in different languages, with different responsibilities, running on the same computer. Way fewer moving parts than RPC over a network. |
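
The boundary discussed in the comments above, as an added example that is not part of any comment in the thread: a component that calls exit (the `System.exit` case) runs in a child process reached over local pipes, so its death surfaces to the caller as an error value, with no network involved. `COMPONENT`, `IsolatedComponent` and the JSON-lines request format are hypothetical names and choices made for this sketch.

```python
import json
import subprocess
import sys

# Constructed stand-in for a third-party component (hypothetical, not a real
# library). The "exit" op models the System.exit() case from the thread.
COMPONENT = r'''
import json, os, sys
for line in sys.stdin:
    req = json.loads(line)
    if req["op"] == "exit":
        os._exit(42)  # terminates whichever process this code runs in
    print(json.dumps({"result": req["x"] * 2}), flush=True)
'''

class IsolatedComponent:
    """Runs COMPONENT in a child process; requests travel over local pipes."""

    def __init__(self):
        self._start()

    def _start(self):
        self.proc = subprocess.Popen(
            [sys.executable, "-c", COMPONENT],
            stdin=subprocess.PIPE, stdout=subprocess.PIPE, text=True)

    def call(self, request):
        try:
            self.proc.stdin.write(json.dumps(request) + "\n")
            self.proc.stdin.flush()
            line = self.proc.stdout.readline()
        except OSError:  # includes BrokenPipeError if the child is already gone
            line = ""
        if not line:  # EOF: the child died, the caller did not
            code = self.proc.wait()
            self._start()  # supervisor-style restart
            return {"error": f"component died with exit code {code}"}
        return json.loads(line)

    def close(self):
        self.proc.stdin.close()  # EOF on stdin ends the child's loop
        self.proc.wait()

def demo():
    component = IsolatedComponent()
    try:
        return [component.call({"op": "double", "x": 21}),
                component.call({"op": "exit"}),
                component.call({"op": "double", "x": 4})]
    finally:
        component.close()

if __name__ == "__main__":
    print(demo())
```

Called in-process, the same `os._exit(42)` would have taken the caller down with it; here the caller keeps running, records the exit code and restarts the component.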
|
| |
| ▲ | pjc50 a day ago | parent | prev | next [-] | | That was the original Amazon motivation, and it makes sense. Conway's law. A hundred developers on a single codebase needs significant discipline. But that doesn't warrant its use in smaller organizations, or for smaller deployments. | |
| ▲ | saulpw a day ago | parent | prev | next [-] | | Conway's Law: Organizations which design systems (in the broad sense used here) are constrained to produce designs which are copies of the communication structures of these organizations. | |
| ▲ | pjmlp a day ago | parent | prev | next [-] | | Libraries do exist, unfortunately too many developers apparently never learn about code modularity. | |
| ▲ | immibis a day ago | parent | prev [-] | | And then you have some other group of people that sees all the redundancy and decides to implement a single unified platform on which all the microservices shall be deployed. |
|
|
| ▲ | embedding-shape a day ago | parent | prev | next [-] |
> using container orchestration is about reliability, zero-downtime deployments

I think that's the first time I've heard any "techie" say we use containers because of reliability or zero-downtime deployments, those feel like they have nothing to do with each other, and we've been building reliable server-side software with zero-downtime deployments long before containers became the "go-to", and if anything it was easier before containers. |
| |
| ▲ | benterix a day ago | parent [-] | | It would be interesting to hear your story, mine is that containers in general start an order of magnitude faster than vms (in general! we can easily find edge cases) and hence e.g. horizontal scaling is faster. You say it was easier before containers, I say k8s in spite of its complexity is a huge blessing as teams can upgrade their own parts independently and do things like canary releases easily with automated rollbacks etc. It's so much faster than VMs or bare metal (which I still use a lot and don't plan to abandon anytime soon but I understand their limitations). | | |
| ▲ | embedding-shape 11 hours ago | parent [-] | | In general, my experience is "the more moving parts == less reliable", if I were to generalize across two decades of running web services. The most reliable platforms I've helped manage have been platforms that tried to avoid adding extra complexity until they really couldn't avoid it, and when I left still deployed applications by copying a built binary to a Linux host, reloading the systemd service, switching the port in the proxy and letting traffic hit the new service while healthchecking, and when green, switching over and stopping the old service. Deploys usually took minutes (unless something was broken), scaling worked the same as if you were using anything else, increase a number and redeploy, and no Kubernetes, Docker or even containers as far as the eye could see. |
|
|
|
| ▲ | Towaway69 a day ago | parent | prev | next [-] |
| As soon there is more than one container to organise, it becomes a management task for said techies. Then suddenly one realises that techies can also be bad at management. Management of a container environment not only requires deployment skills but also documentational and communication skills. Suddenly it’s not management rather the techie that can't manage their tech stack. This pointing of fingers at management is rather repetitive and simplistic but also very common. |
|